Uninstall rsh Package

이 페이지는 아직 한국어로 제공되지 않으며 번역 작업 중입니다. 번역에 관한 질문이나 의견이 있으시면 언제든지 저희에게 연락해 주십시오.

Description

The rsh-client package contains the client commands

for the rsh services

Rationale

These legacy clients contain numerous security exposures and have been replaced with the more secure SSH package. Even if the server is removed, it is best to ensure the clients are also removed to prevent users from inadvertently attempting to use these commands and therefore exposing

their credentials. Note that removing the rsh-client package removes

the clients for rsh,rcp, and rlogin.

Remediation

Shell script

The following script can be run on the host to remediate the issue.

#!/bin/bash

# CAUTION: This remediation script will remove rsh-client
#	   from the system, and may remove any packages
#	   that depend on rsh-client. Execute this
#	   remediation AFTER testing on a non-production
#	   system!

DEBIAN_FRONTEND=noninteractive apt-get remove -y "rsh-client"

Ansible playbook

The following playbook can be run with Ansible to remediate the issue.

- name: Ensure rsh-client is removed
  package:
    name: rsh-client
    state: absent
  tags:
  - NIST-800-171-3.1.13
  - PCI-DSSv4-2.2.4
  - disable_strategy
  - low_complexity
  - low_disruption
  - no_reboot_needed
  - package_rsh_removed
  - unknown_severity